Symantec Administration Console Admin Guide

8/7/2019 Symantec Administration Console Admin Guide

1/73

Symantec Administration

Console for Macintosh

Administrators Guide


2/73

Symantec Administration Console for MacintoshAdministrators Guide

Copyright 2005 Symantec Corporation. All rights reserved.

Documentation version 1.0.1

Symantec, and the Symantec logo are U.S. registered trademarks of SymantecCorporation. LiveUpdate, Symantec AntiVirus, Symantec Enterprise SecurityArchitecture, and Symantec Security Response are trademarks of Symantec Corporation.Mac, Macintosh, Mac OS, eMac, Safari, and the Mac logo are trademarks of AppleComputer, Inc. PowerMac, iMac, and Xserve are trademarks of Apple Computer, Inc.,registered in the U.S. and other countries. MySQL is a registered trademark of MySQL ABin Sweden and other countries. MySQL is a trademark in the United States and othercountries. Red Hat and all Red Hat-based trademarks and logos are trademarks orregistered trademarks of Red Hat, Inc. in the United States and other countries. Linux is aregistered trademark of Linus Torvalds. RSA is a registered trademark or trademark ofRSA Security Inc. in the United States and/or other countries. Netscape is a registeredtrademark of Netscape Communications Corporation in the United States and othercountries. Windows and Internet Explorer are either registered trademarks or trademarks

of Microsoft Corporation. Other names may be trademarks of their respective owners.

The product described in this document is distributed under licenses restricting its use,copying, distribution, and decompilation/reverse engineering. No part of this documentmay be reproduced in any form by any means without prior written authorization ofSymantec Corporation and its licensors, if any.

THIS DOCUMENTATION IS PROVIDED AS IS AND ALL EXPRESS OR IMPLIEDCONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIEDWARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH

DISCLAIMERS ARE HELD TO BE LEGALLY INVALID, SYMANTEC CORPORATION SHALLNOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTIONWITH THE FURNISHING PERFORMANCE, OR USE OF THIS DOCUMENTATION. THEINFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGEWITHOUT NOTICE.

Symantec Corporation20330 Stevens Creek Blvd.Cupertino, CA 95014http://www.symantec.com


3/73

Technical SupportSymantec Technical Support maintains support centers globally. TechnicalSupports primary role is to respond to specific queries about product featureand function, installation, and configuration. The Technical Support group alsoauthors content for our online Knowledge Base. The Technical Support groupworks collaboratively with the other functional areas within Symantec toanswer your questions in a timely fashion. For example, the Technical Supportgroup works with Product Engineering and Symantec Security Response to

provide alerting services and virus definition updates.

Symantecs maintenance offerings include the following:

A range of support options that give you the flexibility to select the rightamount of service for any size organization

Telephone and Web-based support that provides rapid response and up-to-the-minute information

Upgrade insurance that delivers automatic software upgrade protection

Global support that is available 24 hours a day, 7 days a week worldwide.Support is provided in a variety of languages for those customers that areenrolled in the Platinum Support program

Advanced features, including Technical Account Management

For information about Symantecs Maintenance Programs, you can visit ourWeb site at the following URL:

www.symantec.com/techsupp/ent/enterprise.html

Select your country or language under Global Support. The specific features thatare available may vary based on the level of maintenance that was purchasedand the specific product that you use.

Contacting Technical Support

Customers with a current maintenance agreement may access TechnicalSupport information at the following URL:


Select your region or language under Global Support.Before contacting Technical Support, make sure you have satisfied the systemrequirements that are listed in your product documentation. Also, you should beat the computer on which the problem occurred, in case it is necessary torecreate the problem.

When you contact Technical Support, please have the following informationavailable:

Product release level

Hardware information

Available memory, disk space, NIC information


4/73

Operating system

Version and patch level

Network topology

Router, gateway, and IP address information

Problem description:

Error messages and log files

Troubleshooting that was performed before contacting Symantec

Recent software configuration changes and network changes

Licensing and registration

If your Symantec product requires registration or a license key, access ourtechnical support Web page at the following URL:

www.symantec.com/techsupp/ent/enterprise.html.

Select your region or language under Global Support, and then select theLicensing and Registration page.

Customer service

Customer service information is available at the following URL:


Select your country or language under Global Support.

Customer Service is available to assist with the following types of issues:

Questions regarding product licensing or serialization

Product registration updates such as address or name changes

General product information (features, language availability, local dealers)

Latest information about product updates and upgrades

Information about upgrade insurance and maintenance contracts

Information about Symantec Value License Program

Advice about Symantec's technical support options

Nontechnical presales questions Issues that are related to CD-ROMs or manuals

Maintenance agreement resources

If you want to contact Symantec regarding an existing maintenance agreement,please contact the maintenance agreement administration team for your regionas follows:

Asia-Pacific and Japan: [email protected]

Europe, Middle-East, and Africa: [email protected]

North America and Latin America: [email protected]


5/73

Additional enterprise services

Symantec offers a comprehensive set of services that allow you to maximizeyour investment in Symantec products and to develop your knowledge,expertise, and global insight, which enable you to manage your business risksproactively. Additional services that are available include the following:

To access more information about Enterprise Services, please visit our Web siteat the following URL:

www.symantec.com

Select your country or language from the site index.

Symantec Early Warning

Solutions

These solutions provide early warning of cyber attacks,

comprehensive threat analysis, and countermeasures to

prevent attacks before they occur.

Managed Security Services These services remove the burden of managing andmonitoring security devices and events, ensuring rapid

response to real threats.

Consulting services Symantec Consulting Services provide on-site technical

expertise from Symantec and its trusted partners.

Symantec Consulting Services offer a variety of

prepackaged and customizable options that include

assessment, design, implementation, monitoring and

management capabilities, each focused on establishingand maintaining the integrity and availability of your IT

resources.

Educational Services These services provide a full array of technical training,

security education, security certification, and awareness

communication programs.


6/73

Symantec Corporation Software License AgreementSymantec Administration Console for MacintoshSYMANTEC CORPORATION AND/OR ITS

SUBSIDIARIES (SYMANTEC) IS WILLING TOLICENSE THE SOFTWARE TO YOU AS ANINDIVIDUAL, THE COMPANY, OR THE LEGAL ENTITYTHAT WILL BE UTILIZING THE SOFTWARE(REFERENCED BELOW AS YOU OR YOUR) ONLYON THE CONDITION THAT YOU ACCEPT ALL OF THETERMS OF THIS LICENSE AGREEMENT. READ THETERMS AND CONDITIONS OF THIS LICENSEAGREEMENT CAREFULLY BEFORE USING THESOFTWARE. THIS IS A LEGAL AND ENFORCEABLECONTRACT BETWEEN YOU AND THE LICENSOR. BY

OPENING THIS PACKAGE, BREAKING THE SEAL,CLICKING THE AGREE OR YES BUTTON OROTHERWISE INDICATING ASSENTELECTRONICALLY, OR LOADING THE SOFTWARE,YOU AGREE TO THE TERMS AND CONDITIONS OFTHIS AGREEMENT. IF YOU DO NOT AGREE TO THESETERMS AND CONDITIONS, CLICK THE I DO NOTAGREE OR NO BUTTON OR OTHERWISE INDICATEREFUSAL AND MAKE NO FURTHER USE OF THESOFTWARE.

1. License:The software and documentation that accompaniesthis license (collectively the Software) is theproprietary property of Symantec or its licensors andis protected by copyright law. While Symanteccontinues to own the Software, You will have certainrights to use the Software after Your acceptance of thislicense. This license governs any releases, revisions, orenhancements to the Software that the Licensor may

furnish to You. Except as may be modified by anapplicable Symantec license certificate, licensecoupon, or license key (each a License Module) thataccompanies, precedes, or follows this license, and asmay be further defined in the user documentationaccompanying the Software, Your rights andobligations with respect to the use of this Software areas follows.

You may:A. use the number of copies of the Software as havebeen licensed to You by Symantec under a LicenseModule. If the Software is part of a suite containingmultiple Software titles, the total number of copies Youmay use, in any combination of Software titles, maynot exceed the total number of copies indicated in theLicense Module. Your License Module shall constituteproof of Your right to make such copies. If no LicenseModule accompanies, precedes, or follows this license,You may make one copy of the Software You areauthorized to use on a single computer;

B. make one copy of the Software for archivalpurposes, or copy the Software onto the hard disk ofYour computer and retain the original for archivalpurposes;

C. use the Software on a network, provided that You

have a licensed copy of the Software for each computerthat can access the Software over that network;D. use the Software in accordance with any writtenagreement between You and Symantec; andE. after written consent from Symantec, transfer theSoftware on a permanent basis to another person orentity, provided that You retain no copies of theSoftware and the transferee agrees in writing to theterms of this license.

You may not:A. copy the printed documentation that accompaniesthe Software;B. sublicense, rent, or lease any portion of theSoftware; reverse engineer, decompile, disassemble,modify, translate, make any attempt to discover thesource code of the Software, or create derivative worksfrom the Software;C. use the Software as part of a facility management,timesharing, service provider, or service bureauarrangement;

D. use a previous version or copy of the Software afterYou have received and installed a disk replacement setor an upgraded version. Upon upgrading the Software,all copies of the prior version must be destroyed;E. use a later version of the Software than is providedherewith unless You have purchased correspondingmaintenance and/or upgrade insurance or haveotherwise separately acquired the right to use suchlater version;F. use, if You received the software distributed on

media containing multiple Symantec products, anySymantec software on the media for which You havenot received permission in a License Module; norG. use the Software in any manner not authorized bythis license.

2. Content Updates:Certain Software utilize content that is updated fromtime to time (including but not limited to the followingSoftware: antispam software utilize updated antispamrules; antivirus software utilize updated virusdefinitions; content filtering software utilize updatedURL lists; some firewall software utilize updatedfirewall rules; policy compliance software utilizeupdated policy compliance updates; and vulnerabilityassessment products utilize updated vulnerabilitysignatures; these updates are collectively referred to asContent Updates). You shall have the right to obtainContent Updates for any period for which You havepurchased maintenance, except for those ContentUpdates that Symantec elects to make available by

separate paid subscription, or for any period for whichYou have otherwise separately acquired the right toobtain Content Updates. Symantec reserves the rightto designate specified Content Updates as requiring


7/73

purchase of a separate subscription at any time and

without notice to You; provided, however, that if Youpurchase maintenance hereunder that includesparticular Content Updates on the date of purchase,You will not have to pay an additional fee to continuereceiving such Content Updates through the term ofsuch maintenance even if Symantec designates suchContent Updates as requiring separate purchase. ThisLicense does not otherwise permit the licensee toobtain and use Content Updates.

3. Limited Warranty:Symantec warrants that the media on which theSoftware is distributed will be free from defects for aperiod of thirty (30) days from the date of delivery ofthe Software to You. Your sole remedy in the event of abreach of this warranty will be that Symantec will, atits option, replace any defective media returned toSymantec within the warranty period or refund themoney You paid for the Software. Symantec does notwarrant that the Software will meet Your requirementsor that operation of the Software will be uninterrupted

or that the Software will be error-free.

TO THE MAXIMUM EXTENT PERMITTED BYAPPLICABLE LAW, THE ABOVE WARRANTY ISEXCLUSIVE AND IN LIEU OF ALL OTHERWARRANTIES, WHETHER EXPRESS OR IMPLIED,INCLUDING THE IMPLIED WARRANTIES OFMERCHANTABILITY, FITNESS FOR A PARTICULARPURPOSE, AND NONINFRINGEMENT OFINTELLECTUAL PROPERTY RIGHTS. THISWARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS.YOU MAY HAVE OTHER RIGHTS, WHICH VARYFROM STATE TO STATE AND COUNTRY TOCOUNTRY.

4. Disclaimer of Damages:SOME STATES AND COUNTRIES, INCLUDINGMEMBER COUNTRIES OF THE EUROPEANECONOMIC AREA, DO NOT ALLOW THE LIMITATIONOR EXCLUSION OF LIABILITY FOR INCIDENTAL ORCONSEQUENTIAL DAMAGES, SO THE BELOWLIMITATION OR EXCLUSION MAY NOT APPLY TOYOU.TO THE MAXIMUM EXTENT PERMITTED BYAPPLICABLE LAW AND REGARDLESS OF WHETHERANY REMEDY SET FORTH HEREIN FAILS OF ITSESSENTIAL PURPOSE, IN NO EVENT WILLSYMANTEC BE LIABLE TO YOU FOR ANY SPECIAL,CONSEQUENTIAL, INDIRECT, OR SIMILARDAMAGES, INCLUDING ANY LOST PROFITS OR LOSTDATA ARISING OUT OF THE USE OR INABILITY TO

USE THE SOFTWARE EVEN IF SYMANTEC HAS BEENADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

IN NO CASE SHALL SYMANTEC'S LIABILITY EXCEED

THE PURCHASE PRICE FOR THE SOFTWARE. Thedisclaimers and limitations set forth above will applyregardless of whether or not You accept the Software.

5. U.S. Government Restricted Rights:RESTRICTED RIGHTS LEGEND. All Symantec productsand documentation are commercial in nature. Thesoftware and software documentation areCommercial Items, as that term is defined in 48C.F.R. section 2.101, consisting of Commercial

Computer Software and Commercial ComputerSoftware Documentation, as such terms are defined in48 C.F.R. section 252.227-7014(a)(5) and 48 C.F.R.section 252.227-7014(a)(1), and used in 48 C.F.R.section 12.212 and 48 C.F.R. section 227.7202, asapplicable. Consistent with 48 C.F.R. section 12.212, 48C.F.R. section 252.227-7015, 48 C.F.R. section 227.7202through 227.7202-4, 48 C.F.R. section 52.227-14, andother relevant sections of the Code of FederalRegulations, as applicable, Symantec's computersoftware and computer software documentation are

licensed to United States Government end users withonly those rights as granted to all other end users,according to the terms and conditions contained in thislicense agreement. Manufacturer is SymantecCorporation, 20330 Stevens Creek Blvd., Cupertino, CA95014, United States of America.

6. Export Regulation:Certain Symantec products are subject to exportcontrols by the U.S. Department of Commerce (DOC),

under the Export Administration Regulations (EAR)(see www.bxa.doc.gov). Violation of U.S. law is strictlyprohibited. Licensee agrees to comply with therequirements of the EAR and all applicableinternational, national, state, regional and local laws,and regulations, including any applicable import anduse restrictions. Symantec products are currentlyprohibited for export or re-export to Cuba, NorthKorea, Iran, Iraq, Libya, Syria and Sudan or to anycountry subject to applicable trade sanctions. Licenseeagrees not to export, or re-export, directly orindirectly, any product to any country outlined in theEAR, nor to any person or entity on the DOC DeniedPersons, Entities and Unverified Lists, the U.S.Department of State's Debarred List, or on the U.S.Department of Treasury's lists of Specially DesignatedNationals, Specially Designated Narcotics Traffickers,or Specially Designated Terrorists. Furthermore,Licensee agrees not to export, or re-export, Symantecproducts to any military entity not approved under theEAR, or to any other entity for any military purpose,

nor will it sell any Symantec product for use inconnection with chemical, biological, or nuclearweapons or missiles capable of delivering suchweapons.


8/73

7. General:

If You are located in North America or Latin America,this Agreement will be governed by the laws of theState of California, United States of America.Otherwise, this Agreement will be governed by thelaws of England and Wales. This Agreement and anyrelated License Module is the entire agreementbetween You and Symantec relating to the Softwareand: (i) supersedes all prior or contemporaneous oralor written communications, proposals, andrepresentations with respect to its subject matter; and

(ii) prevails over any conflicting or additional terms ofany quote, order, acknowledgment, or similarcommunications between the parties. This Agreementshall terminate upon Your breach of any termcontained herein and You shall cease use of anddestroy all copies of the Software. The disclaimers ofwarranties and damages and limitations on liabilityshall survive termination. Software anddocumentation is delivered Ex Works California, U.S.A.or Dublin, Ireland respectively (ICC INCOTERMS 2000).This Agreement may only be modified by a License

Module that accompanies this license or by a writtendocument that has been signed by both You andSymantec. Should You have any questions concerningthis Agreement, or if You desire to contact Symantecfor any reason, please write to: (i) Symantec CustomerService, 555 International Way, Springfield, OR 97477,U.S.A., (ii) Symantec Customer Service Center, PO BOX5689, Dublin 15, Ireland, or (iii) Symantec CustomerService, 1 Julius Ave, North Ryde, NSW 2113,Australia.

8. Additional Uses and Restrictions:A. If the Software You have licensed is a specifiedSymantec AntiVirus for a corresponding third partyproduct or platform, You may only use that specifiedSoftware with the corresponding product or platform.You may not allow any computer to access theSoftware other than a computer using the specifiedproduct or platform. In the event that You wish to usethe Software with a certain product or platform forwhich there is no specified Software, You may useSymantec Scan Engine.B. If the Software you have licensed is SymantecAntiVirus or Symantec Scan Engine utilizing WebServer optional licensing as set forth in the LicenseModule, the following additional use(s) andrestriction(s) apply:i) You may use the Software only with files that arereceived from third parties through a web server;ii) You may use the Software only with files receivedfrom less than 10,000 unique third parties per month;

andiii) You may not charge or assess a fee for use of theSoftware for Your internal business.

C. If the Software You have licensed is Symantec Client

Security, this Software utilizes the Standard TemplateLibrary, a C++ library of container classes, algorithms,and iterators. Copyright (c) 1996-1999. SiliconGraphics Computer Systems, Inc. Copyright (c) 1994.Hewlett-Packard Company.


9/73

Contents

Technical Support

Chapter 1 Introducing the Symantec Administration Consolefor Macintosh

About the Symantec Administration Console for Macintosh .......................13

About the client/server model ...........................................................................14

About the client ....................................................................................................15

Chapter 2 Guarding your network

About antivirus protection .................................................................................17Setting up a local LiveUpdate server on your network ..................................18

Creating custom preference sets .......................................................................18

Creating LiveUpdate preference sets ........................................................18

Restoring the default LiveUpdate preference set ...................................19

Creating Symantec AntiVirus for Macintosh preference sets ..............19

Creating Auto-Protect preference sets .....................................................20

Sending preferences to clients ...........................................................................21

Updating clients ...................................................................................................22Running LiveUpdate commands ...............................................................23

About clients with intermittent connectivity ..........................................24

Initiating scans .....................................................................................................24

Chapter 3 Managing accounts, clients, and groups

Managing administrator accounts ....................................................................27

Creating administrator accounts ...............................................................28Editing administrator accounts .................................................................29

Removing administrator accounts ............................................................29

Managing clients ..................................................................................................30

Configuring a client package ......................................................................30

Manually setting client preferences .........................................................31

Pinging network clients ..............................................................................31

Editing your client list .................................................................................32

Removing clients from the managed client database ............................33


10/73

10 Contents

Managing groups ................................................................................................. 33

Creating groups ............................................................................................34Deleting groups ............................................................................................ 34

Adding clients to a group ............................................................................ 34

Removing clients from a group ................................................................. 35

Chapter 4 Managing commands

Managing command templates ......................................................................... 37

Creating command templates .................................................................... 37

Using command templates ......................................................................... 38

Deleting command templates .................................................................... 38

Managing public keys ......................................................................................... 39

Creating a public key ...................................................................................39

Adding a public key to clients on the network ........................................40

Removing a public key from clients on the network .............................. 40

Interrupting commands and processes ............................................................41

Terminating a command ............................................................................ 42Resetting a client ......................................................................................... 42

Rebooting a client ........................................................................................ 43

Chapter 5 Managing software installation

Installing software ..............................................................................................45

Creating a package .......................................................................................46

Running the Install Software command .................................................. 46

Running the Download Script command ......................................................... 47Running a custom script .....................................................................................48

Chapter 6 Reviewing network status

Using the Home page .......................................................................................... 51

Viewing events .....................................................................................................52

Viewing the Events log ................................................................................52

Viewing the Client Events log ....................................................................52Viewing command results .................................................................................. 52

Viewing virus protection status ........................................................................53

Viewing virus activity status .............................................................................53

Viewing installed client software ...................................................................... 54

Viewing the Client Software Versions report .......................................... 54

Viewing installed client software on the Send Commands page .......... 54

Viewing software status .............................................................................55

Customizing log or report displays ................................................................... 55Purging log data ...................................................................................................56


11/73


12/73

12 Contents


13/73

Chapter 1

Introducing the Symantec

Administration Console for

Macintosh

This chapter includes the following topics:

About the Symantec Administration Console for Macintosh

About the client/server model

About the client

About the Symantec Administration Console forMacintosh

The Symantec Administration Console for Macintosh centralizes the

management of Macintosh network clients that run Norton AntiVirus or

Symantec AntiVirus for Macintosh. It works with the Apache HTTP Web

server and MySQL database provided with the Macintosh OS X Server to

perform this function. You can access the administration console locally or

remotely, and can perform the following tasks using the console:

Update client software and virus definitions.

Create and issue preference sets for installed Symantec products.

Initiate virus scans on client computers.

Review logs, summaries, and reports.

Manage client groups.


14/73

14 Introducing the Symantec Administration Console for MacintoshAbout the client/server model

To enable the Symantec Administration Console for Macintosh to manage

network clients, you must install client software on each workstation. The clientsoftware runs commands that you issue from the administration console.

See the Symantec AntiVirus 10 for Macintosh Installation Guidefor additional

information about client installation.

About the client/server model

The Symantec Administration Console for Macintosh uses the Apache HTTPWeb server and PHP to generate HTML pages that reflect communication

between the MySQL database, the administration console, and the clients.

Transactions include commands that you issue from the server. They also

include command, event, and status updates that you subsequently view in the

administration console.

The following two tables, taken from the Symantec AntiVirus 10 for Macintosh

Installation Guide, list the components that make up the server portion of the

client/server model.

Table 1-1 Server components installed by the Symantec Administration


Component Description

Command server Issues commands to clients and handles information from

clients.

Administration console Web-based user interface for viewing client status and

managing client computers.



database tables

MySQL database components for the Symantec

Administration Console for Macintosh (command log,

command library, client status logs).

Table 1-2 Server components installed as part of Mac OS X Server 10.3

Component Description

MySQL relational database

management system

Database used by the Symantec Administration Console for

Macintosh database components.

Apache HTTP server Serves administration console Web pages (user interface).

Also, receives status and event updates from clients.


15/73

15Introducing the Symantec Administration Console for MacintoshAbout the client

A command that you issue from the administration console passes through to

the Apache HTTP Web server. The server stores information about the newcommand in the appropriate database tables and instructs the command server

to issue the command to the UDP multicast address that was set when Symantec

Administration Console for Macintosh was installed. The command broadcasts

through one or more routers to individual clients and client groups registered

with the UDP address.

Clients can complete commands successfully, or fail or skip commands. In each

case, a client reports the result of the command to the Apache HTTP Web server.

In turn, the server updates the MySQL database tables and updates the

administration console displays with the software, event, or command status.

About the clientThe client software is a thin daemon that runs transparently on each client

computer. The following table lists the components that make up the client part

of the client/server model.

The administrator installs the client software on network computers as

described in the Symantec AntiVirus 10 for Macintosh Installation Guide. Wheninstalled, the client software and all of its tools are owned by, and run as, root.

The software listens on a single port for commands from the command server.

When a command is received, the client software checks it for authenticity

(using digital signatures) and integrity and then carries out the command.

The administrator can issue commands that force an immediate response from

the client, or instructions to download one or more packages from the Apache

HTTP Web server or a LiveUpdate server. After a client downloads a package,

the client carries out the instructions contained in the package.

Table 1-3 Client components

Components Description



client software (daemon

process)

Receives and runs commands from the server and sends

back status to the server.

This software is required for a client to be able to receive

and run commands from the Symantec AdministrationConsole for Macintosh server.

Symantec AntiVirus 10 for

Macintosh

Software installed on the client and used by Symantec

Administration Console for Macintosh to remotely perform

antivirus tasks on the client.


16/73

16 Introducing the Symantec Administration Console for MacintoshAbout the client

2


17/73

Chapter 2

Guarding your network


About antivirus protection

Setting up a local LiveUpdate server on your network

Creating custom preference sets

Sending preferences to clients

Updating clients

Initiating scans

About antivirus protectionThe Symantec Administration Console for Macintosh provides you with themeans to protect your organization against viruses, and which you can

customize for your enterprises specific needs. The antivirus tools available to

you are LiveUpdate, Symantec AntiVirus for Macintosh, and Auto-Protect.

Using LiveUpdate, you can update your virus definitions and download

Symantec product updates. Once you update your virus definitions, you can use

Symantec AntiVirus to scan and eliminate viruses. Symantec AntiVirus and

Auto-Protect repair infected files on detection, or quarantine infected files thatcannot be repaired. Auto-Protect provides real-time defense against virus

attacks by scanning for viruses whenever your clients access, copy, or save files.


18/73

18 Guarding your networkSetting up a local LiveUpdate server on your network

Setting up a local LiveUpdate server on yournetwork

You can configure clients to download virus definition updates and product

updates either from the Symantec Web site or from an internal server on your

network. If you want your clients to download updates from an internal server,

and you need instructions for how to set up that server, you can access those

instructions on the Symantec Knowledge Base.

To access instructions for setting up an internal LiveUpdate server

1 On the Internet, go to www.symantec.com

2 On top of the Symantec Home page, click search.

3 On the search page, in the Search box, type:

how to set up an internal LiveUpdate server

Be sure to include the quotation marks in your entry.

4 Under Website Searches, check Knowledge Base.

5 Click search.

6 On the results page, click the first linked article.

Creating custom preference sets

The default preference settings on Symantec products installed on your clientsgenerally provide sufficient protection and usually do not need to be changed.

However, to change these settings and to ensure the consistency of those

changes across your network, you can create preference sets for LiveUpdate,

Symantec AntiVirus for Macintosh, and Auto-Protect.

Creating LiveUpdate preference sets

You can specify LiveUpdate preferences for clients. On the LiveUpdate Optionspage, you can set the server or host name from which the client or group

downloads protection, program, and virus definitions files.

To create LiveUpdate preference sets

1 On the Client Preferences page, click Create LiveUpdate Preference Set.


19/73

19Guarding your networkCreating custom preference sets

2 On the LiveUpdate Options page, specify the following:

3 Click Save Preference Set.

Restoring the default LiveUpdate preference set

The Symantec Administration Console for Macintosh saves the default

LiveUpdate preference set so that you can restore it, if necessary.

To restore the default LiveUpdate preference set1 On the Client Preferences page, click Create LiveUpdate Preference Set.

2 On the LiveUpdate Options page, click Reset to Defaults.


Creating Symantec AntiVirus for Macintosh preference sets

On the Symantec AntiVirus for Macintosh Options page, you can specifywhether Symantec AntiVirus scans compressed files, whether scheduled scans

produce an alert message on the client, and how Symantec AntiVirus handles

any infected files that it detects.

Note: These preference settings apply to clients running versions of either

Symantec AntiVirus or Norton AntiVirus that are compatible with Symantec

Administration Console for Macintosh.

Key ID The integer by which the public key is identified by both

the server and the client.

Key Password The password that corresponds to your Key ID.

Preference Set Name The name that identifies your saved preference settings.

Protocol The LiveUpdate server type (FTP or HTTP) that hosts

current LiveUpdate files for client downloads.

Host Name The LiveUpdate servers FTP or HTTP address from which

clients can download LiveUpdate files.

Set Login and

Password

Check this option to set the Login Name and Password.

Login and Password The authentication information that the client requires to

access the LiveUpdate server and download current files.


20/73

20 Guarding your networkCreating custom preference sets

To create Symantec AntiVirus for Macintosh preference sets

1 On the Client Preferences page, click Create Symantec AntiVirus forMacintosh Preference Set.

2 On the Symantec AntiVirus for Macintosh Options page, specify the

following:


Creating Auto-Protect preference setsUse these options to set Auto-Protect preferences for clients, which override any

preferences set locally on the clients.

Note: The SafeZone and Mount Scan features are new to Symantec AntiVirus 10

for Macintosh. Clients running Norton AntiVirus 9 ignore the preference

settings you send that pertain to these two features.

Key ID The integer by which the public key is identified

at both the server and the client.


Preference Set

Name

The name that identifies your saved preference

settings.

Scan compressed files Turn on or turn off compressed file scanning.

Select the file information to

include in the scan report

Select what you want to include in the scan

report that will be generated on the client.

Scheduled Scan Alerts Configure the Symantec AntiVirus scan toproduce alerts that appear only when infections

are found or every time a scheduled scan is

completed.

Select to have infected files

repaired automatically or manually

when you perform a scan

Configure Symantec AntiVirus to automatically

repair infected files or manually repair infected

files.

Select to quarantine files that

cannot be repaired

Configure Symantec AntiVirus to quarantine

files that cannot be repaired.

Select to receive a reminder if virus

definitions appear out of date

Configure Symantec AntiVirus to display a virus

definitions alert.


21/73

21Guarding your networkSending preferences to clients

To create Auto-Protect preference sets

1 On the Client Preferences page, click Create Auto-Protect Preference Set.

2 On the Auto-Protect Options page, specify the following:


Sending preferences to clientsAfter you create preferences, you must send them to clients in order for the

preferences to be executed.

To send preferences to clients

1 On the Send Commands page, if necessary, select one or more clients or

groups to receive the command.

2 Under Send Command Options, select Send command to all clients or Send

command to clients and groups checked above.

3 On the Command pop-up menu, click Set Symantec Product Preferences.

4 Click Specify Parameters.

Key ID The integer by which the public key is identified at both



Preference Set Name The name that identifies your saved preferences settings.

Auto-Protect Enabled Enable Auto-Protect on client.

Scan compressed files Configure Auto-Protect to scan compressed files.

Automatic Repair Automatically repair infected files.

Quarantine files that

cannot be repaired

Automatically quarantine files that cannot be repaired.

SafeZone settings Specify which areas of the clients system to scan andwhich areas to ignore.

Mount Scan settings Specify whether to scan disks when they are mounted,

whether to show a progress bar when scanning mounted

disks, and whether to eject infected disks. Also specify

which kinds of disks should be scanned when mounted and

which should be ignored.


22/73

22 Guarding your networkUpdating clients

5 On the Set Symantec Product Preferences page, specify the following:

6 Click Command.

Updating clientsOne common reason that virus protection fails is that virus definitions are not

current. New threats to your network and many viruses arise on a continual

basis.

Running LiveUpdate connects you to the Symantec Security Response Web

site to determine if your virus definitions need updating. If so, LiveUpdate

downloads the files onto your network and installs them to the proper locations.

LiveUpdate also checks for program patches and downloads them as necessary.

The only prerequisite for running LiveUpdate is an Internet connection. Toenforce the antivirus policy for your enterprise, you may want to set preferences

for the LiveUpdate commands.

Command Label The name that you assign to your command. The name appears

in the Command log after you issue the command.

Command Expires The time period in which the command is active. Enter a

number, and then specify the period in days, weeks, or months.

Command Key ID The integer by which the public key is identified at both the

server and the client.


Preference Set Type the name of the preference set that you configured.


23/73

23Guarding your networkUpdating clients

Running LiveUpdate commands

You can run LiveUpdate commands on the client with these options. You can

either download program and virus definitions files by running LiveUpdate

Everything, or you can download and install only the most recent virus

definitions file by running LiveUpdate Virus Definitions.

Warning: Updating a large number of clients simultaneously can result in slow

network performance.

To run LiveUpdate commands





3 On the Command pop-up menu, click LiveUpdate.


5 On the LiveUpdate Options page, specify the following:

6 Click Command.




number, and then specify the period in days, weeks, or months.




Update Select one of the following:

Virus Definitions: Download and install only the most

recent virus definitions file.

Everything: Download program and virus definitions files.

24 G di k


24/73

24 Guarding your networkInitiating scans

About clients with intermittent connectivity

If a managed client infrequently connects to the network, such as might happen

with an offsite iBook, it may not have the most current updates. When it

reconnects to the network, it sends a status packet to the server about the

commands that it has received. The server evaluates the status and issues the

unexpired commands that the client has not received.

To ensure that the latest updates are available the next time that the client

connects to the network, issue the LiveUpdate command with an expiration date

that accommodates clients that are not always connected.

Initiating scansVirus scans inspect selected disks and folders on targeted client computers.

Scans initiated by the Virus Scan command automatically repair or quarantine

infected files, and scan compressed files. You may want to initiate a scan if you

suspect that a virus has been introduced on a client or group of clients. You can

initiate a virus scan at any time.

To initiate a virus scan





3 On the Command pop-up menu, click Virus Scan.


5 On the Virus Scan page, specify the following:



Command Expires The time period in which the command is active. Enter anumber, and then specify the period in days, weeks, or months.




25Guarding your network


25/73

25Guarding your networkInitiating scans

6 Click Command.

Scan target On the Scan target pop-up menu, you can select to scan the

following:

All mounted disks: Includes all local devices, all devices

attached to the client computer, and mounted network

volumes.

All mounted local disks: Includes all local devices and all

devices attached to the client computer.

Applications folder: The clients boot volumes

Applications folder.

Library folder: The clients boot volumes Library folder.

26 Guarding your network


26/73

26 Guarding your networkInitiating scans

3


27/73

Chapter 3

Managing accounts,

clients, and groups


Managing administrator accounts

Managing clients

Managing groups

Managing administrator accountsYou can manage administrator accounts using the administration console. The

first administrator account is created during the server installation.

Note: See the Symantec AntiVirus 10 for Macintosh Installation Guidefor more

information.

Managing administrator accounts involves the following tasks:

Create administrator accounts.

Edit administrator accounts.

Remove administrator accounts.

28 Managing accounts, clients, and groups


28/73

g g g pManaging administrator accounts

Creating administrator accounts

The administration console enables you to create multiple administratoraccounts. You may require an administrator to replace you during your absence

or may want to establish a system where specific administrators are responsible

for particular actions or groups.

Depending on your reasons for creating an administrator account, you can grant

and restrict certain privileges for an account. You can determine whether the

new administrator can create additional administrator accounts, issue

commands, or create key pairs.

Note: You may want to have a new administrator use a specific Key ID so that his

or her commands can be tracked.

To create an administrator account

1 On the Maintenance page, click Create Administrator Account.

2 On the Create Administrator Account page, specify the following:

3 Click Create Account.

Administrator

User Name

A unique name for the new administrator account. You

can type an administrator user name that is between one

and thirty-two characters.

New Password A password for the new administrator account. You can

type an administrator password that is between one and

thirty-two characters.

Re-enter New Password Retype the new administrator account password.

Language The default language for the administrator account.

User can broadcast

commands

Grant or refuse rights to broadcast commands to clients

and groups.

User can create key pairs Grant or refuse rights to create key pairs.

User can create

Administrators

Grant or refuse rights to create additional

administrators.

29Managing accounts, clients, and groups


29/73

Managing administrator accounts

Editing administrator accounts

You can edit your own administrator account to change the password or thedefault language.

To edit your administrator account

1 On the Maintenance page, click Edit Administrator User.

2 On the Edit Administrator User page, specify the following:

3 Click Modify Account.

Removing administrator accounts

If an administrator no longer manages the network, you can remove his or her

account. Any administrator with full privileges can remove the account.

To remove an administrator account

1 On the Maintenance page, click Remove Administrator User.

2 On the Remove Administrator User page, select the account to remove.

3 Click Remove Administrator User.

Current Password The existing password for the administrator.

New Password A password for the new administrator account. You can type

an administrator password that is between one and thirty-

two characters.

Re-enter New

Password

Retype the new administrator account password.

Language The default language for the administrator account.



30/73

Managing clients

Managing clientsThe administration console manages consistent and up-to-date antivirus

coverage across the enterprise, and reduces the need for users to independently

configure and manage their antivirus software. You can perform the following

tasks using the administration console:

Configure a client package.

Set client preferences.

Ping clients.

Edit the client list.

Remove clients.

Configuring a client package

When you configure a client package, the package adopts the servers settings

that you specified when you configured the server. The settings need to beidentical across the enterprise to ensure that all clients communicate on the

same channel. If your server settings change, you need to configure the client

package that you use to install new clients to reflect those changes.

When you configure a client package, a client preference set is also created that

you can distribute to previously installed clients in order to make the necessary

changes.

To configure a client package

1 On the Maintenance page, click Configure Client Package.

2 Under Configure Client Package, specify the following:

3 Click Modify Client Package.

Client Package Key ID The public key that is embedded into the client package

(Symantec Administration Client.pkg). By default, one key

appears on the pop-up menu. This is the key that the

administration console installation process generates.You can create additional keys on the Create Public Key

page. If you do so, more keys will appear on the Client

Package Key ID pop-up menu.

Password The administrative password required to issue the

command.



31/73

Managing clients

Manually setting client preferences

The majority of client package settings are specified using the administrationconsole. However, there are two settings that can be changed only by manually

editing the config file on the server. One setting specifies the length of time

between status updates from a client. The other setting specifies the length of

time that old commands are stored on the client.

Note: If your network includes more than 2000 computers, you should increase

the time between status updates to reduce network traffic.

To manually set client preferences

1 Use the Terminal or other utility to open the bash shell prompt.

2 Switch to the root account.

3 Type the path for the SMac directory located on the server:

/Library/Application Support/Symantec/SMac

4 Use a text editor or Integrated Development Environment program (IDE) to

open the config text file.

5 Modify one or both of the following keys:

6 Save the config file.

Pinging network clientsYou can ping one or more clients or groups. Because the ping command forces

the client to report status as soon as possible, you can use it to verify the clients

network status. After issuing a ping command, check the Command log to verify

whether the client is active or disconnected. You can also use the ping command

to receive immediate status from a client.

To ping one or more clients or groups



StatusUpdateInterval Integer denotes the length of time in seconds between

regular status reports from the client to the server. The

default is 300 (5 minutes).

CommandLogArchTime Integer denotes the length of time in seconds that a

command that has been executed, successfully or not, will

be stored on the client. The default is 604800 (1 week).



32/73

Managing clients


command to clients or groups checked above.

3 On the Command pop-up menu, click Ping.


5 On the Ping page, specify the following:

6 Click Command.

Editing your client list

The Send Commands page includes a list of all clients in your managed client

database. The list includes the name and location of each client. The name is the

Mac OS X computer name of the client, and the location is the IP address of the

gateway on that computer. These entries are established at the time that the

client registers itself with the server. If this information changes on the

computer after that time, the changes will not be reflected in the Send

Commands page list. However, you can edit the list on the Send Commands page

to make any changes to this information that you need.

Note: If you have a large number of computers for which you need to make

changes, it may be easier to make those changes directly in the database.

See Tables in the database on page 57.

To edit your client list

1 On the Send Commands page, select either the name or location for the

client whose information you want to change.

2 On the Modify Information page, type your changes.

3 Click Modify Information.

Command Label The name that you assign to your command. The name

appears in the Command log after you issue the command.


number, and then specify the period in days, weeks, or

months.






33/73

Managing groups

Removing clients from the managed client database

Many reasons exist for removing clients from the network. For example, if theclient fails to respond to the server and requires reinstallation, you would need

to remove the client from the network. If you remove a client from the network

for any reason, you should also remove it from the managed client database.

To remove clients from the managed client database

1 On the Maintenance page, click Remove Clients.

2 On the Remove Clients page, select one or more clients.

3 Click Remove Clients.

Managing groupsYou can use the administration console to simultaneously manage a collection

of clients by assigning clients to a group. You can create as many groups as you

like, and you can name and order them according to various classifications.

A client can belong to more than one group. For example, your network might

consist of the following groups:

Subnet1

Subnet2

Administrators

Non-administrators

Each client can belong to two of those groups because they are categorized in

different ways. However, you must be careful with certain group operations

such as setting preferences, because the options for one group can override

those set earlier for a different group.

Another advantage of managing clients in groups is that you can consistently

assign preferences and commands to a collection of clients. For example, you

can specify that Subnet1 members download from the Symantec LiveUpdateserver while Subnet2 members download from a local server.

34 Managing accounts, clients, and groupsManaging groups


34/73

Creating groups

Consider how you want to organize and classify your groups before beginning tocreate them to avoid having to continuously reorganize them.

Note: You can also create groups using the Add to Group command.

See Adding clients to a group on page 34.

To create a group

1 On the Maintenance page, click Manage Groups.

2 On the Create Group page, next to Group Name, type a name for the new

group.

If other groups were created, they appear in the Groups table on the Create

Group page.

3 Click Create Group.

Deleting groups

Many scenarios exist in which you might need to delete a group. For instance,

you may decide to do so after merging the members of one group into another

because the network is being restructured. A group can be deleted only after all

of its members have been removed from the group.

To delete a group1 On the Maintenance page, click Manage Groups.

2 Under Groups, click Remove Group next to the group that you would like to

remove.

3 You are asked if you are sure that you want to remove the selected group.

Click Yes, Remove to remove the group.

Adding clients to a group

Typically, you add clients to a group to ease management. Adding members to a

group reduces the number of individual connections that you must directly

manage. For example, if you have a network with ten clients, and then split

these clients into two groups, you are left to manage only two entities.

To add one or more clients to a group



35Managing accounts, clients, and groupsManaging groups


35/73



3 On the Command pop-up menu, click Add to Group.


5 On the Add to Group page, specify the following:

6 If you are creating a new group, click Create a new group and type a unique

name for the group.

7 Click Command.

Removing clients from a group

Clients are removed from groups for various reasons. For example, you may

remove a client from a group to move it to another group, or if the client cannot

respond to your commands and requires troubleshooting.

To remove one or more clients from a group



2 Under Send Command Options, select Send command to all clients or Sendcommand to clients or groups checked above.

3 On the Command pop-up menu, click Remove from Group.




Command Expires The time period in which the command is active. Enter anumber, and then specify the period in days, weeks, or

months.




Group The group name in which to assign the client or group.

36 Managing accounts, clients, and groupsManaging groups


36/73

5 On the Remove from Group page, specify the following:

6 Click Command.





months.




Group The group name in which to remove a client.

Chapter 4


37/73

Chapter 4

Managing commands


Managing command templates

Managing public keys

Interrupting commands and processes

Managing command templatesYou can save commands in templates to reuse them and avoid having to re-enter

their parameters.

Creating command templatesYou can create a command template on the Send Commands page.

To create a command template

1 On the Send Commands page, under Send Command Options, click Save

command as template.

2 On the Command pop-up menu, select the command that you want to use.


4 On the commands parameter page, specify the appropriate parameters. The

parameters differ based on the command that you create.

5 Click Save Command.

38 Managing commandsManaging command templates


38/73

Using command templates

You can issue commands using saved command templates on the SendCommands page.

To issue a command using a template




command to clients or groups checked above.3 On the Command pop-up menu, click the saved command that you want to

use.


5 On the commands parameter page, modify any command parameters as

needed.

6 Type your key password.

7 Click Command.

Deleting command templates

You can delete command templates on the Manage Command Templates page.

You may want to delete a command template so that you can replace it with an

updated version.

To delete command templates

1 On the Maintenance page, click Manage Command Templates.

2 On the Manage Command Templates page, select one or more templates to

delete.

3 Click Delete Selected Templates.

39Managing commandsManaging public keys


39/73

Managing public keysThe administration console uses a public/private key algorithm when you issue

commands from the console. In addition, at least one key is created

automatically during the server installation process. You must set up at least

one key pair before you install the Symantec Administration Console client

software on any computers on your network.

Creating a public key

The server installation process generates the initial public key that you use to

broadcast commands to the network. After the server and clients are running,

you can create additional public keys. Typically, you create another key when

you want to change client settings or issue new commands, such as Add Public

Key, Install Software, or Set Symantec Product Preferences. You must distribute

the new key to the clients before you use the key to send a command.

To create a public key

1 On the Maintenance page, click Create Public Key.

2 On the Create Public Key page, specify the following:

3 Click Create Public Key.

4 Send the new key to the clients.

See Adding a public key to clients on the network on page 40.

Password The administrative password required to create the key.

Re-enter Password Retype the password for the new key pair.

Replace Existing Key Retain or overwrite an existing administrative key. Make

sure to distribute the new key to any clients that rely on the

key being replaced, or they will not be able to communicate

with the server.

Public Key to Replace If you selected to overwrite an existing key, select the

administrative key to replace.

40 Managing commandsManaging public keys


40/73

Adding a public key to clients on the network

The Add Public Key command is used to distribute a new public/private key pairto clients. The new key is used by clients to validate future commands.

To add a public key to clients on the network

1 On the Send Commands page, under Send Command Options, click Send

command to all clients.

2 On the Command pop-up menu, click Add Public Key.


4 On the Add Public Keypage, specify the following:

5 Click Command.

Removing a public key from clients on the network

You may want to remove an existing public key if a key that you associated with

an administrator is no longer active because you have removed the

administrator. Removing a public key removes it from the clients only; itremains on the server.

Note: If you are replacing a public key, use the Create Public Key command.

See Creating a public key on page 39.





months.

Command Key ID This is an integer by which the public key is identified at both


This is the pre-existing key installed on the client and is used

to authenticate the command.


New Public Key ID The Key ID to be added.

41Managing commandsInterrupting commands and processes


41/73

To remove a public key from clients on the network

1 On the Send Commands page, under Send Command Options, click Sendcommand to all clients.

2 On the Command pop-up menu, click Remove Public Key.


4 On the Remove Public Keypage, specify the following:

5 Click Command.

Interrupting commands and processes

You can use the administration console to interrupt pre-existing commands andprocesses. You may need to reboot a client because you have installed new

software on the computer, or reset a client because it is unable to receive

commands. Terminating a command may be necessary if you would like to issue

a new command that conflicts with the original. The commands that you can

issue to interrupt commands and processes are as follows:

Terminate command

Reset client Reboot client





months.




Public key ID The Key ID to be removed.

42 Managing commandsInterrupting commands and processes


42/73

Terminating a command

When you terminate a command that you have issued to one or more clients orgroups, all processes associated with the command immediately halt. For

example, if you mistakenly issued an incorrect client package command, or

initiated a virus scan for all mounted disks instead of just the Applications

folder, this command could be useful.

To terminate a command





3 On the Command pop-up menu, click Terminate Command.


5 On the Terminate Command page, specify the following:

6 Click Command.

Resetting a clientReset a client to clear out any queued commands on that client. For example, a

client may appear to be stuck if it is failing to receive any commands. Resetting

the client clears any commands that have not been executed, and the client then

retrieves the unexecuted commands from the servers queue of commands and

attempts to execute them.

To reset a client







months.




Terminate Command Select the command to be terminated.

43Managing commandsInterrupting commands and processes


43/73



3 On the Command pop-up menu, click Reset Client.


5 On the Reset Client page, specify the following:

6 Click Command.

Rebooting a client

To reboot a client means to issue a command to halt all client processes, shut

down, and then restart the computer. Even after resetting a client, problems can

persist and you may decide that rebooting the client is a possible solution.

Another reason to reboot is if you have issued a LiveUpdate command that

downloads an update that requires a restart.

When the client receives the reboot command, an alert appears informing users

that their computer will reboot, and asking them to save their work and click

Restart. You can provide an alternative message if you want.

Note: If the alert remains on the desktop for more than twelve hours, the client

computer will automatically reboot.

To reboot a client





3 On the Command pop-up menu, click Reboot Client.




Command Expires The time period in which the command is active. Enter anumber, and then specify the period in days, weeks, or

months.




44 Managing commandsInterrupting commands and processes


44/73

5 On the Reboot Clientpage, specify the following:

6 Click Command.





months.




Optional message to

user

Type an informational message that will appear on the client

computer. This setting is optional.

Chapter 5


45/73

Managing software

installation


Installing software

Running the Download Script command

Running a custom script

Installing softwareThe administration console provides the following commands to install, update,

and customize software installations across the enterprise: Install Software

Download Script

Run Custom Script

The Install Software command causes clients to download, from a URL or

alternative server, the package that contains the software. The client then

decrypts and installs the software.

Like the Install Software command, the Download Script command directs

clients to download, decrypt, and install specific software, update packages, and

scripts. In addition, you can modify the script to specify incremental updates

and full installations.

46 Managing software installationInstalling software


46/73

Creating a package

Before running the Install Software command, you must use the command linecommand, SymInstallPackage, to create the package that will contain the

software and additional files.

Note: For information about creating a package, see the man page entry for

SymInstallPackage.

When you use the command line script to create a package, contents typically

include the following:

An encrypted key, associated with the package and used to verify that the

package originated from the server

One or more scripts that tell the client what to do with the package

A tar file that contains the software installer package

The location of the tar file that contains the installer package is used as the URL

in the Install Software command.

You do not have to limit the files that you include in the package to installation

files. However, if you do include another kind of file, you must also include a

script telling the client what to do with it. If the file is a .pkg file, that script is

provided automatically.

Running the Install Software command

You can issue the Install Software command at any time.

To run the Install Software command




command to clients or groups checked above.3 On the Command pop-up menu, click Install Software.


47Managing software installationRunning the Download Script command


47/73

5 On the Install Software page, specify the following:

Running the Download Script command

Initiating the download script process is similar to installing software in thatyou must use the SymInstallPackage command. However, when you create a

package, you must already have created a script to specify when running the

SymInstallPackage command. Doing so results in a tar (.tgz) file that contains

the script and the associated file.

Note: For information about creating a package, see the man page entry for

SymInstallPackage.

The Download Script command is useful if you need to run a particular script on

multiple occasions. You can refer to the scripts location on the server, and only

the commands parameters need be entered before you download the script.

You can issue the Download Script command at any time.

To run the Download Script command

1 On the Send Commands page, if necessary, select one or more clients orgroups to receive the command.

2 Under Send Commands Option, select Send command to all clients or Send


3 On the Command pop-up menu, click Download Script.


Command Label The name that you assign to your command. The nameappears in the Command log after you issue the command.



months.




Install Package URL An FTP or HTTP address from which the client downloads the

desired script.

48 Managing software installationRunning a custom script


48/73

5 On the Download Script page, specify the following:

Running a custom script

The Run Custom Script command is useful if you need to run a scriptimmediately and youre aware of the correct script syntax, because you type the

script when you issue the command.

You can type any UNIX shell script supported by Mac OS X. The script runs as

root on the client.

To run a custom script





3 On the Command pop-up menu, click Run Custom Script.





months.




Script Package URL An FTP or HTTP address from which the client downloads the

installer package for the desired script.

49Managing software installationRunning a custom script


49/73

5 On the Install Software page, specify the following:

6 Click Command.




months.




Script Type a script.

Script arguments Type additional script arguments.

50 Managing software installationRunning a custom script


50/73

Chapter 6


51/73

Reviewing network status


Using the Home page

Viewing virus protection status

Viewing virus activity status

Viewing command results

Viewing installed client software

Customizing log or report displays

Purging log data

Using the Home pageThe Home page provides a summary of virus, command, event, and client

information about your managed network. It includes links to logs and reports

that provide additional details about the information. You can set how

frequently this information is refreshed and you can access a version of this

information that is suitable for printing.

To set the refresh frequency

At the top of the Home page, under the tabs, click the amount of time to pass

before the Home page is refreshed. Your options are:

30 seconds

60 seconds

120 seconds

Dont Refresh

52 Reviewing network statusViewing events

T i t bl i f th H


52/73

To see a printable version of the Home page

On the right side of the Home page, click Printable Version.

Viewing eventsEvents are actions initiated on the client, such as when Auto-Protect detects a

virus. Viruses detected during a scan initiated by the server appear as events;

however, viruses detected during a manual scan initiated on the client do not.

Events can be viewed in the following logs:

Events log

Client Events log

Viewing the Events log

The Events log lists all events reported by all clients. The log displays the name,

client location, date and time the event occurred on the client, and date and time

the event was reported to the server.

To view the Events log

Do one of the following:

On the Home page, under Events Log Summary, click View Events Log.

On the Reports & Logs page, under Events, click Events Log.

Viewing the Client Events logThe Client Events log displays events listed by client. The log displays the client

name, client location (either by description or TCP/IP address), and the date and

time that the event was reported to the server.

To view the Client Events log

On the Reports & Logs page, under Events, click Client Events Log.

Viewing command resultsThe Command log displays comprehensive information about commands and

corresponding client responses. The log displays the date and time of the last

network command, its label and command name, the administrator who

submitted the command, the commands expiration date, and whether the

command completed without error. For additional information about a specificcommand, each entry provides a link to the Command Details log.

53Reviewing network statusViewing virus protection status

To view the Command log


53/73

To view the Command log

Do one of the following:

On the Home page, under Latest Command Log Summary, click View

Command Log.

Anywhere in the administration console, click the Command Log tab.

Viewing virus protection statusA strong virus protection strategy includes enabling Auto-Protect on client

computers and keeping virus definitions current. The virus protection status

logs, available only through the Home page, show those clients that are running

Auto-Protect, those that are not, and those that are running outdated virus

definitions. Table 6-1 describes the virus protection status logs.

To view a virus protection status log

On the Home page, click the link for the log that you want to see.

Viewing virus activity statusThe virus activity status reports provide you with information about the number

and frequency of viruses detected on your network.

Table 6-2 lists the virus activity status reports available.

Table 6-1 Virus protection status logs

Summary type Description

Auto-Protect Enabled

Clients

Displays the number of clients running Auto-Protect and a link to

the list of clients.

Auto-Protect

Disabled Clients

Displays the number of clients with Auto-Protect turned off and a

Documents

Symantec Administration Console Admin Guide